A newly discovered malware campaign called IronWorm has been silently targeting software developers through poisoned npm packages, stealing credentials, API keys, and even cryptocurrency wallet recovery phrases. The attack is built to spread itself through trusted developer workflows, making it one of the more sophisticated supply-chain threats seen in recent years. The malware travels inside […]
The post IronWorm Supply Chain Attack Uses Malicious npm Packages to Steal Developer Secrets appeared first on Cyber Security News.